Re ldapsearch -H problem - ldap authentication

From: Gallagher, Kevin (K.Gallagher@napier.ac.uk)
Date: Wed Apr 16 2003 - 09:40:04 EDT


Thanks to everyone for their help with ldapsearch. The answer lay in the
/etc/openldap/ldap.conf file. Once I had established the correct Base I
could search and extract information on specific accounts. I subsequently
progressed to authenticating against my ldapserver using PAM. I have
configured /etc/openldap/ldap.conf, /etc/ldap.conf, and /etc/pam.d/sshd but
simply can't authenticate via ssh. I also have NIS+ running and can
authenticate against my NIS+ master Server. There is nothing in the message
log indicating that I am even contacting my ldapserver. As a result I am at
a loss as the documentation indicates I have configured the correct files
and I have no error messages to give me a lead. I didn't reboot after any
changes as I have kept an ssh window open for editing changes and use a fresh
ssh window for testing changes. Can anyone advise me where I have gone
wrong?

Example files:

/etc/openldap/ldap.conf
HOST <correct ip address>
BASE dc=ldapserver,dc=napier,dc=ac,dc=uk

/etc/ldap.conf - extract; the rest is commented out
# Your LDAP server. Must be resolvable without using LDAP.
host <correct ip address>
binddn cn=administrator,cn=users,dc=ldapserver,dc=napier,dc=ac,dc=uk
bindpw <password>
scope sub

/etc/pam.d/sshd
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_limits.so
session optional /lib/security/pam_console.so

Kevin Gallagher
Central Operations
C&IT
Napier University
Edinburgh
Scotland
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
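
How the auth lines of the /etc/pam.d/sshd file above are evaluated, as an added example that is not part of the original post: a simplified model of the PAM control flags, assuming Linux-PAM semantics for required, requisite and sufficient. The module outcomes are constructed values; the point shown is that a success from the sufficient pam_ldap.so line ends the auth stack before pam_nologin.so is called.

```python
# Added example: a simplified model of PAM control flags, not a PAM implementation.
# The stack text is the auth part of /etc/pam.d/sshd as posted in the message.
SSHD_PAM = """\
auth sufficient /lib/security/pam_ldap.so
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
"""


def parse_stack(text, facility="auth"):
    """Return [(control, module file name)] for one facility, skipping comments."""
    stack = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 3 and fields[0] == facility:
            stack.append((fields[1], fields[2].rsplit("/", 1)[-1]))
    return stack


def evaluate(stack, outcome):
    """Walk the stack; outcome maps module name -> True (success) or False.

    Returns (granted, modules_called).
    """
    called, required_failed, required_ok = [], False, False
    for control, module in stack:
        called.append(module)
        ok = outcome[module]
        if control == "sufficient":
            if ok and not required_failed:
                return True, called      # stop here: later modules never run
        elif control == "requisite":
            if not ok:
                return False, called     # fail immediately
            required_ok = True
        elif control == "required":
            if ok:
                required_ok = True
            else:
                required_failed = True   # remembered, stack still runs to the end
        # "optional" results are ignored in this simplified model
    return required_ok and not required_failed, called


if __name__ == "__main__":
    stack = parse_stack(SSHD_PAM)
    # Constructed outcomes: LDAP bind succeeds, pam_nologin would have refused.
    print(evaluate(stack, {"pam_ldap.so": True, "pam_stack.so": True,
                           "pam_nologin.so": False}))
```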


